CSO Online

Klue breach exposed Salesforce CRM data through stolen OAuth tokens

An attacker broke into competitive-intelligence vendor Klue, stole OAuth tokens its customers use to connect to Salesforce ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
Dark Reading

Salesforce Data Thefts Continue via Klue App Compromise

More Salesforce instances have been breached by threat actors abusing a third-party application integration, this time through Klue's Battlecards app. The attacks, which are the latest in a series of ...
Microsoft

Copilot Cowork is now generally available

Today we’re announcing the general availability of Copilot Cowork worldwide. After three months of preview in Frontier, more than half of the Fortune 500 is using Copilot Cowork, along with companies ...
LinkedIn

From LLM Hype to Enterprise AI

Over the past year, almost every organization has experimented with AI tools. Most of those experiments looked similar: plug in an LLM, build a chatbot, run a demo. But once companies move beyond ...
The Hacker News

⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and More

Monday hit like a cron job with anger issues. A busted auth path here, a repo-side faceplant there, some "patched-ish" thing already getting chewed on in the wild, and then the usual bonus round: ...